Hello there,
I am using a certificate issued by Let’s Encrypt for our website, The site is hosted at Siteground and protected by Sucuri Firewall services.
We have switched our webiste to https since a few days. While the website works correctly, our RSS feed services are being rejected on some platforms. Further investigation using W3C validator will show that the certificate: “Server returned [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727)”.
At this point we have verified the certificate at ssllabs and the output states that “This server’s certificate chain is incomplete. Grade capped to B.”
please share your domain name. There are different problems possible -> different solutions. Check your website with https://check-your-website.server-daten.de/ - then you see, if you send too much or too less certificates.
Sucuri is acting as a proxie that filters traffic through their firewall and forwards all to the ISP. In this scenario is the faulty certificate being used only by Sucuri or is this being used also on the ISP end? I ask so I can narrow down the problem.
To address quickly this problem, what should I ask to the ISP and what should I ask to Sucuri?
Impossible to answer...
Your actual site (IP) is NOT known/visible to the Internet.
[but, even if it were, it should have no negative impact on the Internet users' experience]
I don't know how Sucuri works. Terminates Sucuri the SSL or does this your server?
Where is the certificate installed? You have to find that place and change the configuration.
PS: But you can share your real ip address or test your real address with "check your website". Then you see, if your ip address sends the correct chain.
